Is a data breach at your business inevitable?

by David Strom

In a word, yes.

Last year was marked by several high-profile data breaches around the world, ending on a bizarre note with the Sony breach. Breaches are nothing new, but the number of attacks has notably increased, creating widespread media attention and putting many companies into crisis mode. And things don’t look to be getting better any time soon.

According to Kevin Routhier, founder and CEO of Coretelligent, “There will absolutely be more breaches in 2015—possibly even more than we saw in 2014 due to the booming underground market for hackers and cybercriminals around both credit card data and identity theft.”1

More companies are putting more of their critical data online and making use of hyper-connected Internet systems — and therefore opening themselves further to these attacks. And unfortunately, no defense is completely impregnable, especially to determined hackers with the time and resources to crack your network.

The bottom line for your business: Chances are very high that you already have been compromised, or soon will be. But all hope is not lost.

The sky isn’t falling

So if a breach is bound to happen, why try to protect your systems and your data? Two big reasons: first, you can minimize your damages by protecting yourself as best as possible ahead of time. This includes limiting your exposure to lawsuits and dramatically cutting the expenses involved in mitigating the damage to your network — costs that can be in the multiple millions of dollars, maybe more. And second, a major data breach can cause a dramatic loss in customers. Having the right strategy, including elements from IT, legal and PR, can help prevent this exodus.

How do you prepare for this eventuality? According to Ricoh IT VP David Levine, “You need to tune your system, [and] establish baselines and metrics that allow you to measure and track what normal behavior is. It is only then that you can flag abnormal.”

Building your data breach response plan

Establishing those baselines and flagging abnormal behavior can be done with a combination of intrusion detection systems and firewall monitoring tools. If you haven’t looked carefully at what you are using in this area, now is the time to see if you have the best technology implementation, along with the right staff and the skills to use this equipment properly.

As we wrote about in the Sony hack aftermath, having the right incident response team assembled ahead of time is crucial. Levine suggests holding several practice “fire drills” so the team can get used to working together and understanding what is needed before an actual breach occurs. This includes bringing together teams from different departments and establishing a well-understood chain of command, so decisions can be made quickly and decisively during times when even seconds can count.

Proactive preparation is key

Also, it pays to start looking more closely at insider threats. Don’t assume that a data breach will only happen from an outsider. As the cloud and other software-as-a-service providers become more popular, insiders can provide — either knowingly or not — key authentication information to allow the bad guys entry into your networks and data.

Finally, Levine talks about reducing the “dwell time,” or the time between when a data breach happens and when you finally figure out it has occurred. Both the Target and Sony breaches from last year had long dwell times. Don’t let that happen to you. According to one report from security researchers Mandiant2, the average dwell time is more than 8 months. That’s far too long, and it means that companies need to pay better attention to their networks.

It all starts from having the right data breach response plan in place — after all, odds are you will need it.

David Strom is one of the leading experts on network and Internet technologies and has written and spoken extensively on topics such as VOIP, convergence, email, cloud computing, network management, Internet applications, wireless and Web services for more than 25 years. His work has appeared in ITworld.com, TechTarget.com, Internet.com, Network World, Infoworld, PC Week, Computerworld, Small Business Computing, c|net and news.com, eWeek, Baseline Magazine, PC World, and PC Magazine.